Last October, the Authority for the Protection of Personal Data published a vademecum containing some suggestions for creating and managing passwords to prevent data breaches, which are becoming increasingly frequent. First of all, with particular reference to the creation of passwords, the Authority clarifies that a good password, to be defined as ‘strong’, must be […]

On November, 4th 2021, IVASS issued Regulation no. 49 laying down the procedures to adopt the measures envisaged by the Decree of the Ministry of Economy and Finance no. 100/2021 implementing the Legal Decree 30 April 2019, n. 34 (so-called “Decreto Crescita”) establishing the conditions and the modalities how to conduct the trial in the […]

With 377 votes in favour, 248 against, and 62 abstentions, the European Parliament passed a resolution on 6 October 2021 calling on the European Commission to establish a permanent ban on biometric video surveillance in public. In particular, the Parliament requested the Commission to put all necessary tools to prevent any processing of biometric data, […]

On 22 October 2021, in consideration of the evolution of European regulations, IVASS and CONSOB signed a Framework Agreement to strengthen the long-standing cooperation between the two Authorities, in order to better guarantee the investors and policyholders in their financial transactions and ensure a higher stability of the financial and insurance system. To this purpose, […]

On 16 September 2021, two meetings were held between the Italian Data Protection Authority and representatives of Facebook and Luxottica to discuss the privacy implications of bringing Ray-Ban “Stories” smart glasses to market. The wearable device allows users to send photos and record videos by voice command or by pressing a button, collecting images and […]

On September 23rd 2021, IVASS published some clarifications concerning Provision no.111 of 2021. In particular, with reference to Art. 14, it has been specified that for the year 2021 only, the deadline by which the “qualified” insurance intermediaries are required to send IVASS the communications envisaged by Art. 11, paragraph 4, letter a) has been […]

The second Chamber of the European Court of Justice, with judgment c/790/19 clarified an important legal issue, establishing the principle according to which the perpetrator of the principal offense can be charged with the offense of money laundering, thus confirming the legitimacy of the self-laundering in all the EU States. The Court, in fact, called […]

The Irish Supervisory Authority has sanctioned Whatsapp with a €225 million fine for violating the provisions of the GDPR (Regulation (EU) 2016/679). In particular, the world’s most popular instant messaging app would have shared data with other companies of the Facebook Group without providing data subjects with adequate information. The measure comes at the end […]

In a world where a large part of the information is disseminated through electronic communication channels, the protection of personal data being transmitted becomes more important. The content of electronic communications can reveal highly sensitive data about the individuals involved – such as sexual preferences or political opinions. Similarly, metadata derived from electronic communications (e.g. […]

The Italian Data Protection Authority has issued an injunction against Deliveroo Italy S.r.l. (Order No. 285 of 22 July 2021), for the unlawful data processing of 8,000 riders.  In addition to prescribing corrective measures to be implemented within a specific timeframe, the Authority also imposed a fine of €2.5 million on the Company. The measure was issued due to […]